Hacker Profile Becomes More Social, Adds Women

People who author malware are part of a thriving underground economy that's expected to grow in 2008, according to computer security researchers.

Most people involved in computer crimes are nameless and faceless to the organizations they attack, with the obvious exception of insiders. A few become known as a consequence of getting caught.

There's Adam Sweaney, 27, of Tacoma, Wash., who pleaded guilty in September to running a botnet. There's Azizbek Takhirovich Mamadjanov, 21, a Florida resident who was sentenced to 24 months in prison for a phishing scheme that led to millions of dollars in losses for a financial institution in the Midwest. There's Jason Michael Downey, 24, of Dry Ridge, Ky., sentenced in October to 12 months in prison for operating a botnet.

What's notable about these young men and other cybercriminals isn't so much their identities as their community. "I don't think the hacker is a loner anymore," said Don Jackson, senior security researcher at SecureWorks. "People that author malware feel like they have their own community now, their own social circles. They have their own social networks."

In contrast to people like Theodore Kaczynski, the Unabomber, who schemed in isolation to blow people up, cybercriminals today have plenty of support for their attacks and scams. They can buy automated attack kits or information about undiscovered exploits. They can rent botnets -- groups of compromised computers -- to spam, steal personal data, or conduct denial-of-service attacks. Their questions about breaking into other people's computers can be answered through IRC chats or Web forums. They're part of a thriving underground economy that's expected to grow in 2008.

And as cybercrime becomes an even bigger business, the profile of the cybercriminals is broadening beyond young men with computer skills. Jackson said that cybercriminals still appear to be predominantly male, "but we see a lot more women and girls involved in hacking."

One explanation for that may be that malicious hacking in the name of nationalism is tolerated, or even encouraged, in some parts of the world. It's socially acceptable.

"I've been really amazed at the way people defend their actions," Jackson said. "I've had people argue that it's not a bad thing."

Jackson recounted an article he'd had translated from a small-town Russian newspaper that lauded two local hackers for sticking it to "those Capitalists." Russian nationalism appears to be the motivation behind the massive distributed denial-of-service attack that hit Estonia in April. Attacks traced to China are also often attributed to nationalism. But more often than not, the real motivation is money.

Dave Marcus, security research and communications manager at McAfee Avert Labs, said that before 2000, the profile of the hacker was different, more "the pimply kid in the basement." Today, there's more professionalism, he said, because there's money in hacking in many countries.

While Marcus couldn't say whether more women were getting involved in criminal hacking, he did note that those in the security field tended to be exceptionally talented. "Most of the women in security and malware tend to have a lot higher skills than the guys do," he said. "They're considered much more elite."

Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps – and it's past time for those with no plans to get cracking.